Android has allot of issues with HTTPS (exercised around 2.3, for which i have seen). The very best solution, i believe, it might be to by hand secure data constantly. And a few crypto libs are 2.x, so based on what you're focusing on it could truelly be "by hand". AES?